CIPRO at epicentre of SA's fraud pandemic

Corrupt officials are facilitating hundreds, if not thousands, of scams

JOHANNESBURG - South Africa is currently in the midst of a fraud pandemic. At its epicentre is the Companies and Intellectual Property Registration Office (CIPRO). Over the past two years corrupt officials at CIPRO, acting with seeming impunity, have facilitated hundreds if not thousands of scams which have hit the South African Revenue Service, a number of prominent companies, and hundreds of smaller private businesses.

Two weeks ago we reported how in 2008 duplicates of Sun Microsystems South Africa Pty Ltd and SBC International Management Services were fraudulently registered as companies on CIPRO (see article). Bank accounts were set up in these counterfeit companies' names. R51m in tax refunds from SARS, due to the legitimate companies, were then diverted into the counterfeit's accounts.

An investigation has revealed that this CIPRO based scam was just the tip of the tip of the iceberg. Counterfeit companies are being fraudulently registered through CIPRO, on an ongoing daily basis, to facilitate cheque and other forms of fraud. No proper due diligence is being done. Over the past two years the directors of several prominent companies have also been fraudulently deregistered, and new directors inserted. Again, the intention is to facilitate fraud of one kind or another.

Counterfeit companies

One of the most prevalent scams involves the registration of duplicate or counterfeit companies. These are companies which almost the same name as the real company. For instance, Avusa Media is a well known media company. In terms of proper procedure CIPRO is not allowed to register companies with a similar name. However, in October 2008, officials at CIPRO fraudulently approved the reservation of the name Avusa Media (Gauteng), and shortly afterwards a company of that name was established. Its sole director is one ‘P.M. Masondo' of Leyds Street Pretoria.

Once the company has been registered the fraudsters - who operate using stolen identities - then attempt to establish bank accounts in the name of the counterfeit company. If the bank officials are honest and alert the real company will be contacted and the fraud nipped in the bud. But all too often an account is successfully set up. This is then used to facilitate fraud against the legitimate company, its clients and suppliers, and innocent third parties.

Clients are sometimes contacted and informed that the banking details of the real company have been changed (to that of the counterfeit.) ‘Overpayments' may be made using the counterfeit company's cheques to the legitimate company's suppliers and the fraudsters will ask for a refund.

In many cases cheques are intercepted at the South African Post Office. Companies with similar names to the recipients of the cheque are then fraudulently registered through CIPRO. Bank accounts are established in that company's name, the cheques are cashed, and the money removed. Usually, the counterfeit company uses the same name with a word (such as Gauteng) or a number (usually 01) added to the end. If need be, the fraudster can simply add the "01" to the named beneficiary on the stolen cheque, and it can then be deposited into their account.

In order to give an indication of the extent of the problem we are publishing a list of 114 duplicate companies (see here) alongside the real businesses and organisations they are trying to impersonate. We have very strong grounds for believing that almost all were established fraudulently, with the intention of perpetrating fraud. We have contacted a sample of the real companies listed. Not a single one had approved the duplicate. Some were unaware of their counterfeit version. A large proportion had been targeted successfully or unsuccessfully by fraudsters using the counterfeit company's identity.

Given our time constraints we were only able to contact a small number of the legitimate companies. However, the following confirmed they had been targeted: Schindler's Lifts, SA Guide Dogs Association, Giants Canning, Trident Steel, Johannesburg Tractor Spares, G and L Agencies, Marlboro Crane Hire, Hypersave Supermarket, Space Television, Colletts Pharmacy, The Media Shop, and AfriSave Cash and Carry.

Hijacked companies

Between 2007 and 2009 a series of well known South African companies have had their legitimate directors deregistered on the CIPRO system. New directors were inserted, probably using stolen identities. In 2007 one ‘Michael Thembinkosi Mahlaba' - in reality a tractor driver living and working near Howick, KwaZulu Natal - was inserted as the director of Hellermanntyton, Renold Crofts and MacSteel Tube and Pipe. Other companies affected by this type of fraud include Cashbuild (South Africa), The Lion Match Company, Trident Steel, Fleet Street Publications, Tedelex and Gardena (SA).

Most of these frauds were carried out using the electronic lodgement of the C29m (details of directors) form. Due to weaknesses in the system agents accessing the CIPRO database could change the names of directors of any company at will. This was done from ‘outside' but it did require insider knowledge. Despite being notified of the problem as early as October 2007 CIPRO only acted in February this year. E-lodgements of the CM29 form were temporarily suspended on February 25 2009 by then acting CEO Renier du Toit. However, this did not stop the problem completely. On April 8 2009 someone inside CIPRO deregistered the two legitimate directors of BLSA industries (the company which manufactures PoolBrite). One ‘Ndumiso Terran[ce] Mzazi' was inserted as the sole director instead.

All but two of the companies contacted said they were unaware of any consequent fraud. However, one did say that an individual, claiming to be the new owner, tried to open a bank account in the company's name. He had various company documents, correspondence with the firm's attorneys, and a certificate issued by CIPRO stating that he was the sole director of the company. A first effort in Johannesburg failed after the company was alerted by the branch concerned. But he later succeeded in opening an account in a small town and the fraudsters used the good name and reputation of the company to conduct various cheque and credit card frauds.

Some companies have been hit both by hijacking and counterfeiting scams. As noted above MacSteel had directors in a subsidiary deregistered. In July 2008 a counterfeit company called MACSTEELI TRADING was established for purposes unknown. Trident Steel meanwhile has been subjected to a sustained assault by fraudsters employing, inter alia, the following counterfeit companies: Trident Steel 22 (February 2007), Trident Sterling Tube-Manufactures (November 2007), Trident Tube Manufacturer (November 2007), Trident Steel (East) (January 2008), Trident Sterling Tube Manufacturers (Gauteng) (January 2008), Trident Steel Experts Construction and Projects (January 2009.) Trident Steel is a trademark and other companies are not allowed to use those two words in their name. This, and the company's complaints, did not stop CIPRO from waving through these names over a two year period.


Once the counterfeited (or hijacked) company has been registered and a bank account opened it becomes very difficult for the police to solve subsequent frauds. The new directors usually use forged or stolen identities. A common practice is for the fraudsters to use stolen identity documents and scan and electronically alter proof of residence documents in order to meet FICA requirements. Unless the fraudsters are caught in the act, or with the false IDs in their possession, it is almost impossible to successfully nail them. Moreover, those caught are usually just runners. They would often rather go to prison for a few years than put their families at risk by fingering the syndicate bosses masterminding the scams (often Pakistanis and Nigerians).

In a written response to a query from Politicsweb CIPRO CEO Keith Sendwe said he was aware of the basic points we raised. The organisation, he said, was "pulling out all stops to prevent fraudulent activities taking place." His full reply to our questions can be found here.

In their reply Standard Bank stated: "Although we are aware of the extent of the problem of cheque interception and fraud and of accounts being opened fraudulently and in some cases with similar names to registered entities, we have not confirmed that this is as a result of alleged corruption in CIPRO, nor that legitimate details are or have been altered at CIPRO. We are not able to comment on allegations which are clearly being made against CIPRO."

Nedbank, First National Bank, ABSA and the Department of Trade and Industry had not responded to our requests for comment by the time of publication.

Click here to sign up to receive our free daily headline email newsletter